Skip to content

Instantly share code, notes, and snippets.

@c0deaddict

c0deaddict/kyverno-values.yaml

Last active June 21, 2024 14:17
Show Gist options
  • Save c0deaddict/79054d2f0b145518d96dfb894a8a2c2c to your computer and use it in GitHub Desktop.
Save c0deaddict/79054d2f0b145518d96dfb894a8a2c2c to your computer and use it in GitHub Desktop.
Download ZIP
Raw
kyverno-values.yaml
backgroundController:
rbac:
clusterRole:
extraResources:
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- get
- list
- watch
- update
- patch
Raw
postgres-operator-fix-owner-references.yaml
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
name: postgres-operator-fix-owner-references
annotations:
policies.kyverno.io/title: Fix postgres-operator owner references
policies.kyverno.io/category: Postgres-operator
policies.kyverno.io/subject: Statefulset
policies.kyverno.io/description: >-
Postgres-operator doesn't set ownerReferences on statefulsets created from
postgresql resources. Consequently ArgoCD doesn't know about the
statefulset, and doesn't show it in the UI.
PR with fix: https://github.com/zalando/postgres-operator/pull/2199
spec:
mutateExistingOnPolicyUpdate: true
rules:
- name: add-owner-references-to-existing-resources
match:
any:
- resources:
kinds:
- acid.zalan.do/v1/postgresql
mutate:
targets:
- apiVersion: apps/v1
kind: StatefulSet
name: "{{ request.object.metadata.name }}"
namespace: "{{ request.object.metadata.namespace }}"
patchStrategicMerge:
metadata:
ownerReferences:
- apiVersion: "{{ request.object.apiVersion }}"
kind: "{{ request.object.kind }}"
name: "{{ request.object.metadata.name }}"
uid: "{{ request.object.metadata.uid }}"
blockOwnerDeletion: false
controller: true
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment